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ABSTRACT 



A method, apparatus, and article of manufacture for broad- 
casting encrypted software to a target computer enables 
simultaneous transmission to a plurality of licensed target 
computers. An encryption key is generated to encrypt a 
software package. The encryption key is then itself 
encrypted using a target computer identification code, and 
the encrypted encryption key is loaded onto the target 
computer. The encrypted software is broadcast, for example, 
via satellite, and received at the target computer. The target 
computer uses its identification code to decrypt the 
encrypted encryption key (Le., unlock the encryption key). 
Once the target computer unlocks the encryption key, it uses 
the encryption key to decrypt the software to be Installed on 
the taiget computer. 

21 Claims, 4 Drawing Sheets 
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BROADCAST SOFTWARE DISTRIBUTION software is broadcast via satellite. The target computer 

obtains the encryption key by decrypting the encryption key 
BACKGROUND OF THE INVENTION using its identification code. The encryption key is then used 

1. Reld of the Invention t0 dccrv P t mc software to enable the software to be installed 
This invention relates in general to broadcast distribution. 5 ° nt ° ^ C taigCt 00mputcr * 

and in particular, to broadcast software distribution using BRIEF DESCRIPTION OF THE DRAWINGS 

encryption key locking and unlocking procedures. 

2. Description of Related Art Referring now to the drawings in which like reference 
„- ~7 . . _ . ■ . .„ A numbers represent corresponding parts throughout: 

The software industry as a whole has experienced tre- io "*™ , r 

mendous growth in recent years. There is a continuous mG \ ****** ™ exemplary computer system envi- 
demand for new software products that address the needs in r0Dment for use * with the present invention; 

new or changing industries. Moreover, software companies 2 is a flow chart illustrating exemplary steps which 

routinely upgrade previously-released software products in ^ use< * to program the computer system of FIG. 1. 

response to specific user needs and/or to provide a product 15 according to the present invention; 
in a more efficient manner. FIG. 3 illustrates the packets of a compressed file that are 

Software companies have traditionally distributed its soft- transmitted to a target computer in a broadcast session, 
ware products through physical media such as tapes or according to the present invention; and 
diskettes, and. more recently, CD ROM. Companies store FIG. 4 is a flow chart illustrating exemplary steps, accord- 
their software on these physical media and ship them to 20 ing to the present invention, for verifying that software has 
customers for installation onto their home computers. been successfully transmitted in the system of FIG. 1. 

In distributing software by this method, however, various nRSTRimnw of thf 

problems have been encountered. The cost of media ^d2^oiS^5^StI^ 
duplication, shipping, and storage is quite high in many such PREFERRED EMBODIMENT 

applications. Moreover, the elimination of many types of 25 In the following detailed description of the drawings, 
such physical media has created unwanted environmental- reference is made to the accompanying drawings which 
waste concerns. In addition, this type of distribution form a part hereof, and in which is shown by way of 
involves unwanted delay associated with waiting for media illustration a specific embodiment in which the invention 
copies, packing, addressing, and shipping to obtain new may be practiced. It is to be understood that other embodi- 
products or new versions of existing products. ments may be utilized and structural changes may be made 

An alternative method of distributing software is through without departing from the scope of the present invention, 
phone lines. Software distribufon centers. haying_a host J^.^l illustrates an exemplary computer system envi- 
computer with a modem, 'transmit the software through ronraent that can be used in conjunction with the present 
phone lines to a customer's computer in response to the 35 invention. The exemplary environment includes a host corn- 
customer's order for particular software packages. puter 10 and an encryptor 12 at a Software Distribution 

This alternative form of distribution has also encountered Center (SDC). a satellite 14 for relaying transmitted 
problems. The number of customers who can receive a given software, a target computer 18. and peripheral computers 
transmission is limited by the physical capabilities of the 2fa-/i which are coupled to the target computer 18. As 
phone lines. If numerous customers order the same software ^ illustrated, the encryptor 12. which encrypts software pack- 
package, such as when a company distributes an upgraded ages loaded on the host computer It. is separate from the 
version to existing subscribers, the software company must host computer 10. It is understood, however, that the encryp- 
repeatedly transmit the same software package until all its tor 12 can be configured to be part of the host computer 10. 
customers have received the product This approach is both in the exemplary computer environment of FIG. 1, the 
costly and time consuming. 45 target computer 18 contains a licensing software program 22 

Accordingly, there is a need for an improved method and and a receiver/installer software program 24. which are 
computer system for distributing software that overcomes typically embodied on one or more program storage devices, 
the above-mentioned deficiencies associated with prior tech- A customer is licensed or otherwise authorized to use the 
niques. The present invention provides a solution to these broadcast service of the present invention. With such 
and other problems, offering advantages over conventional 50 authorization, the customer receives the licensing program 
implementations. 22 and receiver/installer 24 program loads these programs 

o r rwvt ARV np thp tmvpu™™ onto computer 18, thereby enabling receipt of software 

SUMMARY OF THE INVENTION transmitted in accordance with this invention. The licensing 

To overcome the limitations in the prior art described program 22 provides for the entry and tracking of strings for 
above, and to overcome other limitations that will become 55 all software products purchased. The licensing program 22 
apparent upon reading and understanding the present also generates the unique computer identifier code (e.g.. 
specification, the present invention provides a unique computer identification number) for the computer 10 that the 
method, apparatus, and article of manufacture for broadcast- installer/receiver program 24 runs. As described below, a 
ing encrypted software to a target computer. In one embodi- customer provides this unique identification code whenever 
ment of the present invention, an encryption key, which is 60 ^ places an order for a software package. The installer/ 
unique to the particular software package, is used to encrypt receiver software program 24 enables the target computer 18 
the software package, and is then itself encrypted using the to receive software mat is broadcasted, for example via 
unique identification code of the target computer. This key satellite 14, and to install the software onto the target 
is loaded onto the target computer, to lock the particular computer 18. The peripheral computers 20a-n also contain 
software package to the target computer. The software is 65 installer/receiver software, 

then broadcast from a send computer and received at the The host computer 10 in FIG. 1 contains a library of 
target computer. In a more particular implementation, the stored software packages that customers may order. For each 
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software package, an encryption key is generated and the cated to the user in block 42. The software is broadcast as 
software package is encrypted using that encryption key. one compressed file via satellite. The bits of the file are 
The encrypted software is then compressed and stored as pushed out on the line in a manner similar, for example, to 
one packet in a single compressed file. The compressed file transmission over TCP/IP or modem, 
also includes a packet which identifies the particular soft- 5 Block 46 represents the target computer receiving the 
ware product included in the file. As described in more detail software that is broadcast via satellite. At the time specified 
below in connection with FIGS. 3 and 4, each compressed for transmission, users "tune in" with their receivers to the 
file further includes a checksum packet which is generated specified frequency or channel. As an option, the receiver 
at the time the software package is encrypted and could be set up to look for and download a specific list of 
compressed, enabling the target computer IS to determine 10 ordered products, or specific versions of a product For 
whether a software package is transmitted without error. A example, a user may want to always download new versions 
transmitting program on the host computer 19 contains of products that were already installed so that the user 
information regarding the time at which each software always has the latest version of the software product, 
package will be transmitted. The transmission and encryp- Block 48 represents checking whether the transmission is 
tion of software are performed using techniques well-known is succcssfuL jf me transmission is not successful, then the 
in the art SDC provides the user with the relevant information regard- 
Referring now to FIG. Z a flow chart is illustrated m g the next broadcast of the software. The target computer 
detailing the steps which may be used to program the ig then waits until that rime that the software is retransmit - 
computer system of FIG. 1, with the host computer If ted and subsequently receives the software as described in 
transmitting a software package to a target computer 18 20 connection with block 46. If the transmission is successful 
through a broadcast medium, according to the present inven- then, as represented in block 50. the target computer 
tion. Block 30 represents installation of a licensing program decrypts the encrypted encryption key using its identifica- 
and receiver/installer program on the target computer 18. As tion code. Once mis is performed, the target computer 
explained above, only users having mis software on their decrypts the software using the encryption key specific to 
computer receive software according to this invention; the 23 the software product 

encrypted software that is transmitted via satellite is other- Th e decryption of the software, represented in block 52. 

wise unusable. at me taiget computer 18 occurs as follows. Hie licensing 

Blocks 32 and 34 represent the target computer 18 calling program 22 generates the identification code of the target 

the SDC to order a particular software package. When the computer 18 which, in turn, is transmitted to the receiver/ 

customer orders the software, the customer selects an option installer program on the target computer 18. In the 

provided by the licensing program 22, which produces the alternative, the recefver/installer program itself generates the 

identification code of the target computer 18. A customer identification code. The receiver/installer program 14 on the 

gives his Identification code to the* operator receiving the target computer 18 utilizes this identification number to 

software order at the SDC. 3J decrypt the encrypted encryption key. The encryption key in 

Block 36 represents the SDC encrypting the encryption turn enables the target computer 18 to decrypt (i.e„ unlock) 

key specific to the ordered software package. When the SDC the transmitted software. This process occurs virtually 

receives the identification number of the target computer 18. simultaneously, thereby making it extremely difficult to 

it produces a new key(e.g„ an ASCII string) by encrypting identify the encryption key during the process, 

the software encryption key for the ordered software pack- ^ Consequently, only the target computer 18 can decrypt the 

age using the identification code of the target computer 18. software. 

The purpose of the new key (Le., the encrypted encryption Block 54 represents determining whether there are other 

key) is to lock a particular computer (e.g., the computer with peripheral computers to receive the software. If there are no 

the identification code used to encrypt the encryption key) to peripheral computers, the target computer 18. as represented 

a particular software package. Instead of allowing any 45 in blocks 56 and 58, decompresses and installs the software 

computer having the encryption key to listen to the broad- onto the target computer 18. Specifically, the installer/ 

cast and obtain software illegally, only the target computer receiver program 24 invokes a routine to decrypt and 

18 whose identification code is used to encrypt the software decompress the temporary data file. This part of die instal- 

encryption key, accesses the transmitted software. As rep- lation copies files to the file destination with the appropriate 

resented in block 38. the SDC provides the new key to the ^ permissions and ownership on the target computer 18. 

target computer 18. The SDC provides this string to the Moreover, it kicks off any installation scripts required to 

target computer 18, for example, via fax ox e-mail. complete the installation, configuration, or tuning specific 

Block 40 represents the user of the target computer 18 for the application installed, 

entering the encrypted encryption key (Le.. new key) onto As depicted in blocks 60, 62 and 64, if there are other 

the target computer 18. The mstaUer/receiver program on the 55 peripheral computers connected to the target computer 18. 

target computer 18 provides a user interface requesting the then the target computer 18 distributes the software to the 

user to insert the new key provided by the SDC. The target peripheral computers 20o-n which in turn decompress and 

computer 18 then stores mis key. install the software. As mentioned previously, each of the 

Block 42 represents the SDC providing to the user of the peripheral computers 2toa-n has a receiver/installer software 

target computer 18 the time and channel/frequency that the 60 product to enable the decompression and installation of the 

ordered software will be broadcast Software products are software. 

broadcast from the SDC. for example, during scheduled Referring to FIG. 3, a compressed file for a software 
timeslots. Preferably, popular products are broadcast at package is illustrated, having multiple packets. The corn- 
regular intervals, while relatively uncommon software prod- pressed file, generally designated 70, includes a header 72, 
ucts are periodically scheduled at the request of a user. 65 a compressed installable file packet 80. a checksum packet 
Block 44 represents transmission of the software from the 82. and an end-product broadcast packet 84. The header 72 
SDC at the time and channel/frequency mat was comrnuni- includes a begin product broadcast packet 74. a product 
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identification packet 76 and a version packet 78. The begin 
product broadcast packet 74 signals the beginning of the 
transmission of a new software product The product iden- 
tification packet 76 identifies the software product that is 
transmitted. Version packet 78 identifies the particular ver- 
sion of the software product that is transmitted. For example, 
the version packet 78 notifies users when a software product 
upgrade is being transmitted. Other identifying information 
could also be included as part of the header 72. For example, 
there could be a vendor header packet to enable a target 
computer to monitor for all software products that a par- 
ticular vendor offers. 

Packet 80 in the compressed file contains the compressed 
installable file. This includes the compressed software and 
the configuration scripts. 

Packet 82 is the checksum packet. As described in more 
detail below with the respect to FIG. 4. the checksum packet 
82 enables the user at the target computer 18 to verify mat 
the transmission is successful. The end product broadcast 
packet 84 notifies the target computer that the transmission 
is complete. 

Referring now to FIG. 4. a flow chart illustrates the steps 
for verifying that the software is successfully transmitted. 
Block 90 represents the transmission of the compressed 
software contained in the compressed installable file packet 
80. Block 92 represents transmission of the checksum 
packet 82. The checksum packet 82 is generated at the SDC 
when the software product Is initially compressed and stored 
at the send computer. Based on the contents of the file 
received at the target computer 18, an algorithm contained in 
the receiver/installer program 24 generates a code or number 
based on the compressed file received at the target computer 
18. This Dumber* wMc^iTgenerated using thc*same~algo- 
rithm that generates the checksum when the software is 
compressed is compared to the checksum packet 82, If the 
transmission has been successful, the two numbers are the 
same. At block 94 of FIG. 4, it is determined whether the 
transmission is successful by matching the checksum packet 
82 with the code generated by the file copied to the target 
computer 18. If the codes are the same, the target computer 
18. as depicted in block 96, decrypts and decompresses the 
software and installs it on the target computer 18 or distrib- 
utes it to other peripheral computers for decompression and 
installation. If the checksum packet 82 does not match the 
file that was received from the host computer 10, then the 
target computer 18 deletes the file and waits for retransmis- 
sion of the software product. 

Unlike the prior art which provides transmission through 
phone lines, the present invention is not limited in the 
number of customers who can receive a given transmission. 
Each customer who orders a particular software product 
receives the software from the same broadcast. Therefore, 
theoretically a single broadcast transmits to an unlimited 
amount of users. 

The foregoing description of the preferred embodiment of 
the invention has been presented for the purposes of illus- 
tration and description. It is not intended to be exhaustive or 
to limit the invention to the precise form disclosed. Many 
modifications and variations are possible without departing go 
from the scope of the invention as defined by the claims 
appended hereto. 

What is claimed is: 

1. A method of distributing software encrypted by a 
software encryption key to a target computer, comprising the 55 
steps of: 

receiving a number unique to the target computer; 
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encrypting the software encryption key using the number 
unique to the target computer unique number; 

transmitting the encrypted software encryption key to the 
target computer; 

communicating a timeslot and channel for broadcasting 
the encrypted software to the target computer; and 

broadcasting a message at the communicated timeslot and 
channel, the message comprising the encrypted soft- 
ware. 

2. The method of claim 1. wherein the broadcast timeslot 
is periodically scheduled according to a user request. 

3. The method of claim 1, wherein the transmission 
timeslot is regularly scheduled 

4. The method of claim 1, wherein: 

the message further comprises a version packet notifying 
the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer, and 

the method further comprises the step of decrypting the 
software using the target computer unique number 
when the version indicator indicates that an upgraded 
version of software already installed on the target 
computer is being broadcast 

5. The method of claim 1, wherein: 

the message further comprises a vendor header packet 
enabling the target computer to monitor broadcasts for 
software products offered by a vendor. 

6. The method of claim 1. further comprising the steps of: 
decrypting the software in the target computer using the 

target computer unique number; 
determining if there are peripheral computers coupled to 
the target computer to receive the decrypted software; 
and 

distributing the decrypted software to the peripheral com- 
puters when there are peripheral computers coupled to 
the target computer to receive the decrypted software. 

7. The method of claim 1, wherein the message further 
comprises a checksum packet for determining if the target 
computer received the encrypted software without error, and 
the method further comprises the steps of: 

receiving the checksum packet in the target computer; 

processing the checksum packet in the target computer to 
determine if the encrypted software was received with- 
out error; 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error; and 

waiting for retransmission of the encrypted software. 

8. An apparatus for distributing software encrypted by a 
software encryption key to a target computer, comprising: 

means for receiving a number unique to the target com- 
puter, 

means for encrypting the software encryption key using 
the number unique to the target computer unique num- 
ber; 

means for transmitting the encrypted software encryption 
key to the target computer: 

means for communicating a timeslot and channel for 
broadcasting the encrypted software to the target com- 
puter; and 

means for broadcasting a message at the communicated 
timeslot and channel, the message comprising the 
encrypted software. 
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9. The apparatus of claim 8. wherein the means for 
providing a timeslot and channel for broadcasting the 
encrypted software to the target computer comprises means 
for periodically scheduling the timeslot according to a user 
request. 5 

It. The apparatus of claim 8, wherein the means for 
providing a timeslot and channel for broadcasting the 
encrypted software to the target computer comprises means 
for regularly scheduling the transmission time, 

11. The apparatus of claim 8, wherein: io 
the message further comprises a version packet notifying 

the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer; and 
the apparatus further comprises means for decrypting the 
software using the target computer unique number 
when the version indicator indicates that an upgraded 
version of software already installed on the target 
computer is being broadcast. 

12. The apparatus of claim 8.wherein the message further 
comprises a vendor header packet enabling the target com- 
puter to monitor broadcasts for software products offered by 
a vendor. 

13. The apparatus of claim 8, further comprising: 
means for decrypting the software in the target computer 

using the target computer unique number; 
means for determining if there are peripheral computers 
coupled to the target computer to receive the decrypted 30 
software; and 

means for distributing the decrypted software to the 
peripheral computers when there arc peripheral com- 
puters coupled to the target computer to receive the 
decrypted software. 35 

14. The apparatus of claim 8, wherein the message further 
comprises a checksum packet for determining if the target 
computer received the encrypted software without error, and 
the apparatus further comprises: 

means for receiving the checksum packet in the target 40 
computer; 

means for processing the checksum packet in the target 
computer to determine if the encrypted software was 
received without error; 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error; and 

waiting for retransmission of the encrypted software. 

15. A program storage device, readable by computer, 50 
tangibly embodying one or more programs of instructions 
executable by the computer to perform method steps of 
distributing software encrypted by a software encryption key 

to a target computer* the method steps comprising the steps 
of: 55 

receiving a number unique to the target computer; 

encrypting the software encryption key using the number 
unique to the target computer unique number; 
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transmitting the encrypted software encryption key to the 
target computer; 

communicating a timeslot and channel for broadcasting 
the encrypted software to the target computer; and 

broadcasting a message at the communicated timeslot and 
channel, the message comprising the encrypted soft- 
ware. 

16. The program storage device of claim 15, wherein the 
broadcast timeslot is periodically scheduled according to a 
user request 

17. The program storage device of claim 15, wherein the 
transmission timeslot is regularly scheduled. 

18. The program storage device of claim 15, wherein: 
the message further comprises a version packet notifying 

the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer; and 
the method steps further comprises the method step of 
decrypting the software using the target computer 
unique number when the version indicator indicates 
that an upgraded version of software already installed 
on the target computer is being broadcast 

19. The program storage device of claim 15, wherein: 
the message further comprises a vendor header packet 

enabling the target computer to monitor broadcasts for 
software products offered by a vendor. 

20. The program storage device of claim 15, wherein the 
method steps further comprise the method steps of: 

decrypting the software in the target computer using the 

target computer unique number; 
determining if there are peripheral computers coupled to 

the target computer to receive the decrypted software; 

and 

distributing the decrypted software to the peripheral com- 
puters when there are peripheral computers coupled to 
the target computer to receive the decrypted software. 

21. The program storage device of claim 15, wherein the 
message further comprises a checksum packet for determin- 
ing if the target computer received the encrypted software 
without error, and die method steps further comprise the 
method steps of: 

receiving the checksum packet in the target computer; 

processing the checksum packet in the target computer to 
determine if the encrypted software was received with- 
out error, 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error, and 

waiting for retransmission of the encrypted software. 
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